Subject: port-i386/24107: null dereference in intr_find_pcibridge()
To: None <gnats-bugs@gnats.netbsd.org>
From: None <yamt@mwd.biglobe.ne.jp>
List: netbsd-bugs
Date: 01/15/2004 20:34:43
>Number: 24107
>Category: port-i386
>Synopsis: null dereference in intr_find_pcibridge()
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: port-i386-maintainer
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jan 15 11:35:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
>Release: NetBSD 1.6ZG
>Organization:
>Environment:
System: NetBSD kaeru 1.6ZG NetBSD 1.6ZG (build.kaeru) #713: Wed Jan 14 21:10:12 JST 2004 takashi@kaeru:/home/takashi/work/kernel/build.kaeru i386
Architecture: i386
Machine: i386
>Description:
intr_find_pcibridge() assumes that busses on intr_extra_buses
have non null bridgetag. however, it isn't the case for
pchb's second pci busses.
>How-To-Repeat:
>Fix:
Index: intr.c
===================================================================
--- intr.c (revision 425)
+++ intr.c (working copy)
@@ -233,6 +233,8 @@ intr_find_pcibridge(int bus, pcitag_t *p
LIST_FOREACH(iebp, &intr_extra_buses, list) {
if (iebp->bus == bus) {
+ if (iebp->pci_bridge_tag == NULL)
+ return ENOENT;
*pci_bridge_tag = *iebp->pci_bridge_tag;
*pci_chipset_tag = iebp->pci_chipset_tag;
return 0;
>Release-Note:
>Audit-Trail:
>Unformatted: